[Slackbuilds-users] nginx permissions?
Miguel De Anda
miguel at thedeanda.com
Wed Jul 8 20:31:39 UTC 2015
I just had to rebuild my nginx machine and I ran into this issue
again! I managed to fix it this time with a:
chmod 755 /var/lib/nginx
I notice the buildscript set it to 700. I simply installed it via
slackrepo using nothing but defaults so nginx runs as user nobody.
Might be worth checking out to prevent future issues.
On Thu, May 7, 2015 at 11:53 AM, Thomas Morper <thomas at beingboiled.info> wrote:
> On Tue, 5 May 2015, Miguel De Anda wrote:
>
>> i've installed nginx from the slackbuild and i have it run as a proxy for
>> tomcat with a config something like this...
>
>> when it tries to load some files, it fails with the following error:
>> "/var/lib/nginx/proxy/3/00/0000000003" failed (13: Permission denied)
>
>> it seems to kind of work if i add a
>> user mdeanda users;
>> to the config and change the permission to /var/lib/nginx/*
>
> Nginx uses /var/lib/nginx for various temporary files, especially when
> proxying. The directory should belong to root:root. Upon start, nginx will
> then create the various subfolders and asign them to the $NGINXUSER unless
> they already exist.
>
> I ran into problems once when I either reconfigured or rebuilt nginx to
> use a different user id but forgot about /var/lib/nginx/* still belonging
> to the old user. I don't know how you ended up with the wrong permissions,
> but if you stop nginx, remove the contents of /var/lib/nginx and restart
> you should be fine. If the permission problems remain you should check
> your config and your nginx package for possible errors (e.g. built in
> wrong environment, manually specified user doesn't exist, etc.).
>
> Regarding the user id... the SlackBuild script follows best practices by
> using the defaults but still giving the user a choice. Having a dedicated
> "nginx" user is IMHO desirable with regards to permissions and security.
> It's not technically required, though.
>
> --
> _______________________________________________
> SlackBuilds-users mailing list
> SlackBuilds-users at slackbuilds.org
> http://lists.slackbuilds.org/mailman/listinfo/slackbuilds-users
> Archives - http://lists.slackbuilds.org/pipermail/slackbuilds-users/
> FAQ - http://slackbuilds.org/faq/
>
More information about the SlackBuilds-users
mailing list